Tom's Guide > Forum > Sécurité - Virus > Analyse de mon log hijackthis ?

Analyse de mon log hijackthis ?

Forum Sécurité - Virus : Analyse de mon log hijackthis ?

TomsGuide.com : 800 000 inscrits répondent à toutes vos questions high-tech et informatique. Pour obtenir de l'aide, inscrivez-vous gratuitement !
Créer un nouveau sujet Répondre
Mot :    Pseudo :           
 
kayakman   31-12-2005 à 12:51:22

Resalut,

En désespoir de cause, j'implore l'un de vous de m'aider à déchiffrer le log de hijackthis svp .

Pour rappel mon ordi n'arrête pas de redémarrer tout seul. L'explication est peut-être dans ce log.

Vous y trouverez maybe un virus car je suis dans l'impossibilité de certifier que je ne suis pas contaminé car dés que je veux scanner mon ordi avec kaspersky, mon PC reboot!

Vous avez mon destin entre vos mains! ;)

Merci et bonne année

Voici le log:

Logfile of HijackThis v1.99.1
Scan saved at 12:42:30, on 31/12/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\oodag.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Stardock\SDMCP.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Fichiers communs\stardock\TrayServer.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Stardock\ObjectDock\KkTrayServer\KkTrayServer.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\WINDOWS\System32\nvraidservice.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Save\Save.exe
C:\WINDOWS\System32\wbem\unsecapp.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Stardock\ObjectDock plus\ObjectDock.exe
C:\Documents and Settings\benoît\Mes documents\Ben\Utilitaires\customization\Logiciel\raincalendar\Rainlendar.exe
C:\Program Files\Samurize\Client.exe
C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
C:\WINDOWS\System32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\benoît\Mes documents\Ben\Utilitaires\hijackthis\HijackThis-1.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.accoona.com/search_assi [...] n=wdz0605a
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.accoona.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.be/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.accoona.com/search_assi [...] n=wdz0605a
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.accoona.com/search?q=%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [1A:Stardock TrayMonitor] "C:\Program Files\Fichiers communs\stardock\TrayServer.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [1A:KkTrayServer] C:\Program Files\Stardock\ObjectDock\KkTrayServer\KkTrayServer.exe
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\System32\nvraidservice.exe
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
O4 - Startup: ObjectDock Plus.lnk = C:\Program Files\Stardock\ObjectDock plus\ObjectDock.exe
O4 - Startup: Raccourci vers Rainlendar.exe.lnk = ?
O4 - Startup: Samurize.lnk = C:\Program Files\Samurize\Client.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft. [...] 2650263796
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/p [...] r37490.cab
O18 - Protocol: bw+0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {5B677E3C-ED4F-4602-8584-5AD239B672FF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: MCPClient - C:\Program Files\Fichiers communs\Stardock\mcpstub.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~2\WINDOW~1\fastload.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\System32\oodag.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

Répondre
Liens sponsorisés
Inscrivez-vous ou connectez-vous pour masquer ceci.
majilune   31-12-2005 à 13:41:49
- 0 +

Pour analiser ton log va sur www.hijackthis.de
J'ai regarder,supprimme sa:

C:\Program Files\Save\Save.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.accoona.com/search?q=%s

R3 - Default URLSearchHook is missing

O4 - HKLM\..\Run: [1A:KkTrayServer] C:\Program Files\Stardock\ObjectDock\KkTrayServer\KkTrayServer.exe

O4 - HKCU\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"

voila supprimme tout sa et refé une analyse avec le site.

Répondre à majilune
OmaR   31-12-2005 à 17:35:56
- 0 +

Salut,

Il faut vraiment éviter d'aller sur le site hijackthis.de !!!
La preuve ObjectDock est totallement légitime !!

Fix ces lignes dans HijackThis :

Citation :


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.accoona.com

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.accoona.com/search?q=%s

R3 - Default URLSearchHook is missing

O4 - HKCU\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"



Désinstalle Save dans Ajout/Suppression de programmes.
Et supprime ce dossier : C:\Program Files\Save\

Sinon c'est propre.

Répondre à OmaR
kayakman   01-01-2006 à 22:34:29
- 0 +

merci beeaucoup pour votre aide!

Répondre à kayakman
Créer un nouveau sujet Répondre
Tom's Guide > Forum > Sécurité - Virus > Analyse de mon log hijackthis ?
Aller à :

Il y a 552 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.

Plan du forum
Forum Bestofmedia ©
2000-2009 Bestofmedia Group
Page générée en 0,332 secondes
Attention

Vous allez répondre sur un sujet resté inactif pendant plus de 6 mois.
Assurez-vous d'apporter des éléments nouveaux à la discussion avant de poursuivre.

Répondre Annuler
Liens